Modify

Opened 9 years ago

Closed 5 years ago

#4545 closed defect (fixed)

iptables-restore fails to parse output of iptable-save when conntrack module is used

Reported by: khayrov@… Owned by: developers
Priority: normal Milestone:
Component: kernel Version: Trunk
Keywords: iptables, conntrack Cc:

Description

This problem is reproducible on Kamikaze build from trunk r14338, target brcm-2.4, actual hardware is Linksys WRT54GL.

root@OpenWrt:~# iptables -N TEST
root@OpenWrt:~# iptables -A TEST -m conntrack --ctorigsrc ! 192.168.1.0/24 -j RETURN
root@OpenWrt:~# iptables-save -t filter | iptables-restore
iptables-restore v1.3.8: no argument following `!'
Error occurred at line: 47
Try `iptables-restore -h' or 'iptables-restore --help' for more information.

Line 47 is

-A TEST -m conntrack --ctorigsrc ! 192.168.1.0/24 -j RETURN

Problem appears with negated IP address/mask arguments only, e.g --ctorigsrc 192.168.1.0/24 works fine. Strange thing is that iptables itself accepts such arguments.

Attachments (0)

Change History (1)

comment:1 Changed 5 years ago by florian

  • Resolution set to fixed
  • Status changed from new to closed
  • Version set to Trunk

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.